Reputation: 115
Android AWS S3 security alert
I published android apps 2 days ago. The apps is working well what I think. But, now I get a message from google-play. Like this.
Security alert
Your Amazon Web Services credentials may be exposed. This exposure of your credentials could lead to unauthorized access to your AWS account, which may include associated excessive charges, and potentially unauthorized access to your data and your users' data.
My apps use S3 connection for direct upload. I referred follow page "http://java.awsblog.com/post/Tx2Q9SGR6OKSVYX/Amazon-S3-TransferManager" for implementing upload function.
And also I make instance of TransferManager like this.
TransferManager tx = new TransferManager(new BasicAWSCredentials(ACCESS_KEY_ID, SECRET_KEY));
What is my mistake? Is it bed at using keys directly? If yes, what can I do to avoid this alert?
Upvotes: 1
Views: 1854
Answers (1)
Reputation: 12121
I think you are using the Java server libraries which assume only a few machines will be connecting to your S3 account. You should probably be looking at Amazon's mobile SDK:
http://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/setup.html
Upvotes: 3
Related Questions
- Amazon S3 Error: The request signature we calculated does not match the signature you provided. Check your key and signing method
- Amazon S3 issues - Cannot resolve symbol AmazonS3Client
- Received S3 bucket security notification email for my AWS account?
- Android and AWS S3
- Android Amazon s3 bucket
- Unable to access AWS S3 from Android
- Android AWS S3 Access Denied
- Proguard Aws s3 issue
- android aws error code bucket already owned by you
- amazon S3 and android